This is a dependency free, small package that checks if the output of pnpm licenses complies with common "good" open source licenses.
It will only work with projects using pnpm >= 9.x.
pnpm add pnpm-license-checker -Dpnpm-license-checkerYou may want to define a script in your package.json like:
"scripts": {
"license:check": "pnpm-license-checker"
}Sometimes you may want to specifically allow certain packages that are internal or have a one-off license that you do not want to blanket allow.
To do so, you can configure this in .pnpm-license-checker.json:
{
"allowedPackages": ["specific-package1"]
}We have a default list of allowed licenses, if you do not want to specify your own, it will default to:
// Default allowed licenses
const defaultAllowedLicenses = [
'Apache-2.0',
'All Rights Reserved',
'Artistic-2.0',
'BlueOak-1.0.0',
'0BSD',
'BSD',
'BSD-2-Clause',
'BSD-3-Clause',
'CC0-1.0',
'CC-BY-4.0',
'CC BY-SA 4.0',
'ISC',
'LGPL-3.0-or-later',
'MIT',
'MIT-0',
'MPL-2.0',
'Public Domain',
'Python-2.0',
'Unicode-DFS-2016',
'Unlicense',
'UNLICENSED',
];However, if this list does not meet your needs, you are welcome to override it in .pnpm-license-checker.json:
{
"allowedLicenses": ["BSD", "MIT"]
}This will replace all the default licenses, so if you want to use the default list and add some, you will need to provide all the licenses you want to support.